Add GitHub Actions workflow for build and release process; update CMakeLists for Windows compatibility and improve main.c usage instructions

Author: woldann

.github/workflows/build.yml

@@ -0,0 +1,55 @@
+name: Build and Release GhostInjector
+
+on:
+  push:
+    branches: [ main, master ]
+  pull_request:
+    branches: [ main, master ]
+  workflow_dispatch:
+
+permissions:
+  contents: write
+
+jobs:
+  build-and-release:
+    runs-on: ubuntu-latest
+    
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+      with:
+        submodules: recursive
+        
+    - name: Install dependencies
+      run: |
+        sudo apt-get update
+        sudo apt-get install -y mingw-w64
+        
+    - name: Configure CMake
+      run: |
+        cmake -B build -DCMAKE_TOOLCHAIN_FILE=toolchain-mingw.cmake -DCMAKE_BUILD_TYPE=Release
+    - name: Build
+      run: cmake --build build
+    - name: Rename executable
+      run: mv build/ghostinjector-*.exe build/ghostinjector.exe
+      
+    - name: Create Release
+      if: (github.ref == 'refs/heads/main' && github.event_name == 'push') || startsWith(github.ref, 'refs/tags/v')
+      uses: softprops/action-gh-release@v2
+      with:
+        tag_name: ${{ (github.ref == 'refs/heads/main' && 'latest') || github.ref_name }}
+        name: ${{ (github.ref == 'refs/heads/main' && 'Latest Build (Development)') || github.ref_name }}
+        body: |
+          ## 🚀 Latest Development Build
+          
+          **Commit:** ${{ github.sha }}
+          
+          ### 📥 Download
+          - **Windows:** `ghostinjector.exe`
+        files: build/ghostinjector.exe
+        draft: false
+        prerelease: ${{ github.ref == 'refs/heads/main' }}
+        make_latest: ${{ github.ref == 'refs/heads/main' }}
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+

CMakeLists.txt

@@ -1,6 +1,19 @@
 cmake_minimum_required(VERSION 3.10)
 project(GhostInjector VERSION 1.0.2 LANGUAGES C)
 
+if(MSVC)
+    string(REPLACE "/MD" "/MT" CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS_RELEASE}")
+endif()
+
+# Set C standard to C99 for the entire project
+set(CMAKE_C_STANDARD 99)
+set(CMAKE_C_STANDARD_REQUIRED ON)
+set(CMAKE_C_EXTENSIONS OFF)
+
+if(WIN32)
+    set(CMAKE_EXECUTABLE_SUFFIX ".exe")
+endif()
+
 add_subdirectory(Neptune)
 add_subdirectory(NThread)
 add_subdirectory(NThreadOSUtils)
@@ -21,10 +34,8 @@ target_link_libraries(${EXECUTABLE_NAME} PRIVATE NThreadOSUtils)
 target_compile_definitions(${EXECUTABLE_NAME} PRIVATE
   LOG_LEVEL_2
   NEPTUNE_MODULERULES_HEADER="ntosutils_rules.h"
-  LOG_FORCE_COLOR
   NEPTUNE_ENABLE_MEMMEM
   VERSION=${PROJECT_VERSION}
   LOG_FILE_PATH=L"ghostinjector.log"
   LOG_ON_STDOUT=1
-)
-
+)

NThread

@@ -11,7 +11,7 @@
  * furnished to do so, subject to the following conditions:
  * 
  * The above copyright notice and this permission notice shall be included in all
- * copies or substantial portions of the Software.
+ * copies or substantial portions of the Software. 
  * 
  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
@@ -22,44 +22,49 @@
  * SOFTWARE.
  */
 
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <windows.h>
+
 #include "nerror.h"
 #include "ntosutils.h"
 #include "ntmem.h"
 #include "ntosutilswin.h"
 
+void print_usage() {
+    printf("GhostInjector - DLL Injection tool for Windows processes\n\n");
+    printf("Examples:\n");
+    printf("  ghostinjector.exe 1234 mydll.dll\n");
+    printf("  ghostinjector.exe 5678 first.dll second.dll third.dll\n\n");
+    printf("Usage:\n");
+    printf("  ghostinjector.exe <process_id> <dll_path> [dll_path2 ...]\n");
+    printf("  ghostinjector.exe -h | --help\n");
+}
+
 int main(int argc, char *argv[])
 {
 	if (HAS_ERR(neptune_init()))
 		return EXIT_FAILURE;
 
-	if (argc < 3) {
-#ifdef LOG_LEVEL_1
-		LOG_INFO(
-			"Usage: %s <thread_id:DWORD or process_id:DWORD> <dll_path:string>",
-			argv[0]);
-#endif /* ifdef LOG_LEVEL_1 */
-
-		return 0x10;
+	if (argc < 3 || strcmp(argv[1], "-h") == 0 || strcmp(argv[1], "--help") == 0) {
+		print_usage();
+		neptune_destroy();
+		return EXIT_SUCCESS;
 	}
 
-#ifdef LOG_LEVEL_1
-	LOG_INFO("Neptune initilaized!");
-#endif /* ifdef LOG_LEVEL_1 */
-
-	const char *dll_path = argv[2];
-	const char *id_str = argv[1];
+	uint32_t id = atoi(argv[1]);
 
 #ifdef LOG_LEVEL_1
-	LOG_INFO("DLL Path(%s)", dll_path);
-#endif /* ifdef LOG_LEVEL_1 */
-
-	DWORD id = atoi(id_str);
+	LOG_INFO("Neptune initialized!");
+	LOG_INFO("ID: %u", id);
+	LOG_INFO("Number of DLLs to inject: %d", argc - 2);
+#endif
 
-	if (id < 0) {
+	if (id == 0) {
 #ifdef LOG_LEVEL_1
 		LOG_ERROR("Invalid id: must be greater than 0");
-#endif /* ifdef LOG_LEVEL_1 */
-
+#endif
 		neptune_destroy();
 		return 0x11;
 	}
@@ -68,85 +73,86 @@ int main(int argc, char *argv[])
 	if (kernel32 == NULL) {
 #ifdef LOG_LEVEL_1
 		LOG_ERROR("GetModuleHandleA failed");
-#endif /* ifdef LOG_LEVEL_1 */
-
+#endif
 		neptune_destroy();
 		return 0x20;
 	}
 
-	void *load_library_func = GetProcAddress(kernel32, "LoadLibraryA");
+	FARPROC load_library_func = GetProcAddress(kernel32, "LoadLibraryA");
 	if (load_library_func == NULL) {
 #ifdef LOG_LEVEL_1
 		LOG_ERROR("GetProcAddress failed");
-#endif /* ifdef LOG_LEVEL_1 */
-
+#endif
+		neptune_destroy();
 		return 0x21;
 	}
 
 #ifdef LOG_LEVEL_1
-	LOG_INFO("LoadLibraryA=%p", load_library_func);
-#endif /* ifdef LOG_LEVEL_1 */
+	LOG_INFO("LoadLibraryA=%p", (void *)load_library_func);
+#endif
 
-	// Initialize the ntutils layer for working on the target thread.
 	if (HAS_ERR(nosu_attach(id))) {
 #ifdef LOG_LEVEL_1
 		LOG_WARN("nosu_attach failed");
-#endif /* ifdef LOG_LEVEL_1 */
+#endif
 
 		if (HAS_ERR(nosu_find_thread_and_upgrade(id))) {
 #ifdef LOG_LEVEL_1
 			LOG_ERROR("nosu_find_thread_and_upgrade failed");
-#endif /* ifdef LOG_LEVEL_1 */
-
+#endif
 			neptune_destroy();
 			return 0x06;
 		}
 	}
 
-	size_t dll_path_len = strlen(dll_path);
-	size_t dll_path_size = dll_path_len + 1;
+	for (int i = 2; i < argc; i++) {
+		const char *dll_path = argv[i];
 
-	ntmem_t *ntmem = ntm_create_with_alloc_ex(dll_path_size + 1);
-	if (ntmem == NULL) {
 #ifdef LOG_LEVEL_1
-		LOG_ERROR("ntm_create failed");
-#endif /* ifdef LOG_LEVEL_1 */
+		LOG_INFO("Injecting DLL [%d/%d]: %s", i - 1, argc - 2, dll_path);
+#endif
 
-		ntu_destroy();
-		neptune_destroy();
-		return 0x92;
-	}
+		size_t dll_path_len = strlen(dll_path);
+		size_t dll_path_size = dll_path_len + 1;
 
-	// Copy the converted string into memory that will be pushed to the target.
-	void *local = NTM_LOCAL(ntmem);
-	memcpy(local, dll_path, dll_path_size);
-
-	// Push the DLL path into the remote memory.
-	void *dll_path_addr = ntm_push(ntmem);
-	if (dll_path_addr == NULL) {
+		ntmem_t *ntmem = ntm_create_with_alloc_ex(dll_path_size + 1);
+		if (ntmem == NULL) {
 #ifdef LOG_LEVEL_1
-		LOG_ERROR("ntm_push failed");
-#endif /* ifdef LOG_LEVEL_1 */
+			LOG_ERROR("ntm_create failed for %s", dll_path);
+#endif
+			continue; 
+		}
 
-		ntu_destroy();
-		neptune_destroy();
-		return 0x93;
-	}
+		void *local = NTM_LOCAL(ntmem);
+		memcpy(local, dll_path, dll_path_size);
 
+		void *dll_path_addr = ntm_push(ntmem);
+		if (dll_path_addr == NULL) {
 #ifdef LOG_LEVEL_1
-	LOG_INFO("DLL Path Address(%p)", dll_path_addr);
-#endif /* ifdef LOG_LEVEL_1 */
-
-	// Call LoadLibraryA inside the target thread context.
-	void *load_library_ret = ntu_ucall(load_library_func, dll_path_addr);
+			LOG_ERROR("ntm_push failed for %s", dll_path);
+#endif
+			ntm_delete(ntmem);
+			continue;
+		}
 
 #ifdef LOG_LEVEL_1
-	LOG_INFO("Return Value(%p)", load_library_ret);
-#endif /* ifdef LOG_LEVEL_1 */
+		LOG_INFO("DLL Path Address(%p)", dll_path_addr);
+#endif
+
+		void *load_library_ret = ntu_ucall((void *)load_library_func, dll_path_addr);
 
-	ntm_delete(ntmem);
+#ifdef LOG_LEVEL_1
+		LOG_INFO("LoadLibrary returned: %p", load_library_ret);
+		if (load_library_ret != NULL) {
+			LOG_INFO("Successfully injected: %s", dll_path);
+		} else {
+			LOG_ERROR("Failed to inject: %s", dll_path);
+		}
+#endif
 
+		ntm_delete(ntmem);
+	}
 	ntu_destroy();
 	neptune_destroy();
 	return EXIT_SUCCESS;
-}
+}

NThreadOSUtils

@@ -0,0 +1,5 @@
+# toolchain-mingw.cmake
+set(CMAKE_SYSTEM_NAME Windows)
+set(CMAKE_C_COMPILER x86_64-w64-mingw32-gcc)
+set(CMAKE_CXX_COMPILER x86_64-w64-mingw32-g++)
+set(CMAKE_RC_COMPILER x86_64-w64-mingw32-windres)